CVE-2008-3623

Name of the Vulnerable Software and Affected Versions Apple Safari versions prior to 3.2 on Windows iPhone OS versions 1.0 through 2.2.1 iPhone OS for iPod touch versions 1.1 through 2.2.1

Description The issue is related to a heap-based buffer overflow in CoreGraphics, allowing remote attackers to execute arbitrary code or cause a denial of service via a crafted image. This is due to improper handling of color spaces.

Recommendations For Apple Safari versions prior to 3.2 on Windows: Update to version 3.2 or later. For iPhone OS versions 1.0 through 2.2.1: Update to a version later than 2.2.1. For iPhone OS for iPod touch versions 1.1 through 2.2.1: Update to a version later than 2.2.1.